CHALLENGE OVER
The Challenge
Two plain SHA1 password hashes have been generated using separate techniques from a single "Random-Grid" One-Time Grid (see One-Time Grid write-up <HERE>). This password cracking challenge will last one week, which starts Aug 27th, 2018 1200PM EST and ends September 3rd, 2018 at 1200PM EST.
HASH #1
[CRACKED by @BoursierEtienne] fe0c9f335b35c45e92d5e7d07c5933b6c4c0a522
HASH #2
[CRACKED by @lakiw]
120c249bc0f301ef3cba7a0fcbff463aaaded486
Prizes
Claim your prizes by posting on Twitter to @netmux with the cracked password. All valid submissions must be received before Sept 3rd at 1200PM EST.
***Limit=1. Sorry only United States contestants are eligible to receive the password cracking rig. A $500 Amazon gift card will be awarded for an international winner that cracks HASH #2.
**To receive your final prizes contestants must submit a write-up of your strategy for cracking the password hash. These write-ups will be posted at the end of the challenge accompanying the correct solutions.
Clues
Clues will be given periodically throughout the contest. Please follow @netmux on Twitter for announcements of new clues.
CHALLENGE WRITE-UP
-wanted to give back
-rush to get it out, switched from md5 to sha1 at last minute
-hard to know what's obvious when you know the answer
-tried to slow down people with larger rigs and make it about clever analysis and tricks
-Explain each "Clue"
-36 Unique total characters out of 49 = IA9GVwc8oyL$)M.!q03WKH+epP?*{TxJzhbu
-10 characters repeating = IG8oL$.+p3
-7 repeat characters used = $I.3+LG
-HASH #2 = q$*I.3+xLHG)wc71997
08+{superjetyoMKHp
q$*I.3+xLHG)wc71997
The Clues Explained
"There is nothing more deceptive than an obvious fact."
HASH #1 = 08+{superjetyoMKHp
HASH #2 = q$*I.3+xLHG)wc71997
Cells with repeat values = q$*I.3+xLHG)wc71997
One-Time Grid: Random Password Book
Hash Crack: Password Cracking Manual
Pentester Portable Cracking Rig
Almost done…
We just sent you an email. Please click the link in the email to confirm your subscription!